nova-net: Remove unused '*_default_rules' security group DB APIs

With the API removed, nothing is using these anymore. Remove them. Change-Id: Id303edc0e3b4af5647ce171b7763e094d1aa244c Signed-off-by: Stephen Finucane <sfinucan@redhat.com>
2019-09-24 14:45:16 +01:00 · 2019-09-24 14:45:16 +01:00 · 3776e97f12
commit 3776e97f12
parent 22dee90760
6 changed files with 2 additions and 138 deletions
--- a/nova/compute/api.py
+++ b/nova/compute/api.py
@ -6365,40 +6365,6 @@ class SecurityGroupAPI(base.Base, security_group_base.SecurityGroupBase):
        # NOTE(vish): we removed some rules, so refresh
        self.trigger_rules_refresh(context, id=security_group['id'])

-    def remove_default_rules(self, context, rule_ids):
-        for rule_id in rule_ids:
-            self.db.security_group_default_rule_destroy(context, rule_id)
-
-    def add_default_rules(self, context, vals):
-        rules = [self.db.security_group_default_rule_create(context, v)
-                 for v in vals]
-        return rules
-
-    def default_rule_exists(self, context, values):
-        """Indicates whether the specified rule values are already
-           defined in the default security group rules.
-        """
-        for rule in self.db.security_group_default_rule_list(context):
-            keys = ('cidr', 'from_port', 'to_port', 'protocol')
-            for key in keys:
-                if rule.get(key) != values.get(key):
-                    break
-            else:
-                return rule.get('id') or True
-        return False
-
-    def get_all_default_rules(self, context):
-        try:
-            rules = self.db.security_group_default_rule_list(context)
-        except Exception:
-            msg = 'cannot get default security group rules'
-            raise exception.SecurityGroupDefaultRuleNotFound(msg)
-
-        return rules
-
-    def get_default_rule(self, context, id):
-        return self.db.security_group_default_rule_get(context, id)
-
    def validate_id(self, id):
        try:
            return int(id)
--- a/nova/db/api.py
+++ b/nova/db/api.py
@ -1385,28 +1385,6 @@ def security_group_rule_count_by_group(context, security_group_id):
 ###################


-def security_group_default_rule_get(context, security_group_rule_default_id):
-    return IMPL.security_group_default_rule_get(context,
-                                                security_group_rule_default_id)
-
-
-def security_group_default_rule_destroy(context,
-                                        security_group_rule_default_id):
-    return IMPL.security_group_default_rule_destroy(
-        context, security_group_rule_default_id)
-
-
-def security_group_default_rule_create(context, values):
-    return IMPL.security_group_default_rule_create(context, values)
-
-
-def security_group_default_rule_list(context):
-    return IMPL.security_group_default_rule_list(context)
-
-
-###################
-
-
 def provider_fw_rule_create(context, rule):
    """Add a firewall rule at the provider level (all hosts & instances)."""
    return IMPL.provider_fw_rule_create(context, rule)
--- a/nova/db/sqlalchemy/api.py
+++ b/nova/db/sqlalchemy/api.py
@ -4115,18 +4115,6 @@ def _security_group_ensure_default(context):
                  'user_id': context.user_id,
                  'project_id': context.project_id}
        default_group = security_group_create(context, values)
-
-        default_rules = _security_group_rule_get_default_query(context).all()
-        for default_rule in default_rules:
-            # This is suboptimal, it should be programmatic to know
-            # the values of the default_rule
-            rule_values = {'protocol': default_rule.protocol,
-                           'from_port': default_rule.from_port,
-                           'to_port': default_rule.to_port,
-                           'cidr': default_rule.cidr,
-                           'parent_group_id': default_group.id,
-            }
-            _security_group_rule_create(context, rule_values)
    return default_group


@ -4228,52 +4216,6 @@ def security_group_rule_count_by_group(context, security_group_id):
 ###################


-def _security_group_rule_get_default_query(context):
-    return model_query(context, models.SecurityGroupIngressDefaultRule)
-
-
-@require_context
-@pick_context_manager_reader
-def security_group_default_rule_get(context, security_group_rule_default_id):
-    result = _security_group_rule_get_default_query(context).\
-                        filter_by(id=security_group_rule_default_id).\
-                        first()
-
-    if not result:
-        raise exception.SecurityGroupDefaultRuleNotFound(
-                                        rule_id=security_group_rule_default_id)
-
-    return result
-
-
-@pick_context_manager_writer
-def security_group_default_rule_destroy(context,
-                                        security_group_rule_default_id):
-    count = _security_group_rule_get_default_query(context).\
-                        filter_by(id=security_group_rule_default_id).\
-                        soft_delete()
-    if count == 0:
-        raise exception.SecurityGroupDefaultRuleNotFound(
-                                    rule_id=security_group_rule_default_id)
-
-
-@pick_context_manager_writer
-def security_group_default_rule_create(context, values):
-    security_group_default_rule_ref = models.SecurityGroupIngressDefaultRule()
-    security_group_default_rule_ref.update(values)
-    security_group_default_rule_ref.save(context.session)
-    return security_group_default_rule_ref
-
-
-@require_context
-@pick_context_manager_reader
-def security_group_default_rule_list(context):
-    return _security_group_rule_get_default_query(context).all()
-
-
-###################
-
-
@pick_context_manager_writer
 def provider_fw_rule_create(context, rule):
    fw_rule_ref = models.ProviderFirewallRule()
--- a/nova/db/sqlalchemy/models.py
+++ b/nova/db/sqlalchemy/models.py
@ -717,6 +717,8 @@ class SecurityGroupIngressRule(BASE, NovaBase, models.SoftDeleteMixin):
        'SecurityGroupIngressRule.deleted == 0)')


+# TODO(stephenfin): Remove this in the V release or later, once we're sure we
+# won't want it back (it's for nova-network, so we won't)
 class SecurityGroupIngressDefaultRule(BASE, NovaBase, models.SoftDeleteMixin):
    __tablename__ = 'security_group_default_rules'
    __table_args__ = ()
--- a/nova/exception.py
+++ b/nova/exception.py
@ -1164,10 +1164,6 @@ class SecurityGroupNotExistsForInstance(Invalid):
                " the instance %(instance_id)s")


-class SecurityGroupDefaultRuleNotFound(Invalid):
-    msg_fmt = _("Security group default rule (%rule_id)s not found.")
-
-
 class SecurityGroupCannotBeApplied(Invalid):
    msg_fmt = _("Network requires port_security_enabled and subnet associated"
                " in order to apply security groups.")
--- a/nova/network/security_group/neutron_driver.py
+++ b/nova/network/security_group/neutron_driver.py
@ -558,23 +558,3 @@ class SecurityGroupAPI(security_group_base.SecurityGroupBase):
                   {'security_group_name': security_group_name,
                    'instance': instance.uuid})
            self.raise_not_found(msg)
-
-    def get_default_rule(self, context, id):
-        msg = _("Network driver does not support this function.")
-        raise exc.HTTPNotImplemented(explanation=msg)
-
-    def get_all_default_rules(self, context):
-        msg = _("Network driver does not support this function.")
-        raise exc.HTTPNotImplemented(explanation=msg)
-
-    def add_default_rules(self, context, vals):
-        msg = _("Network driver does not support this function.")
-        raise exc.HTTPNotImplemented(explanation=msg)
-
-    def remove_default_rules(self, context, rule_ids):
-        msg = _("Network driver does not support this function.")
-        raise exc.HTTPNotImplemented(explanation=msg)
-
-    def default_rule_exists(self, context, values):
-        msg = _("Network driver does not support this function.")
-        raise exc.HTTPNotImplemented(explanation=msg)